Florian Klink
3c74e48d9c
nixos/filesystems: ensure keys gid on /run/keys mountpoint
...
boot.specialFileSystems is used to describe mount points to be set up in
stage 1 and 2.
We use it to create /run/keys already there, so sshd-in-initrd scenarios
can consume keys sent over through nixops send-keys.
However, it seems the kernel only supports the gid=… option for tmpfs,
not ramfs, causing /run/keys to be owned by the root group, not keys
group.
This was/is worked around in nixops by running a chown root:keys
/run/keys whenever pushing keys [1], and as machines had to have pushed keys
to be usable, this was pretty much always the case.
This is causing regressions in setups not provisioned via nixops, that
still use /run/keys for secrets (through cloud provider startup scripts
for example), as suddenly being an owner of the "keys" group isn't
enough to access the folder.
This PR removes the defunct gid=… option in the mount script called in
stage 1 and 2, and introduces a tmpfiles rule which takes care of fixing
up permissions as part of sysinit.target (very early in systemd bootup,
so before regular services are started).
In case of nixops deployments, this doesn't change anything.
nixops-based deployments receiving secrets from nixops send-keys in
initrd will simply have the permissions already set once tmpfiles is
started.
Fixes #42344
[1]: 884d6c3994/nixops/backends/__init__.py (L267-L269)
2020-02-05 01:53:26 +01:00
Florian Klink
2ec5c4adf9
Merge pull request #79244 from r-ryantm/auto-update/yubico-piv-tool
...
yubico-piv-tool: 1.7.0 -> 2.0.0
2020-02-05 01:11:40 +01:00
Florian Klink
cbbb81c830
Merge pull request #79135 from dtzWill/fix/moby-now-linuxkit
...
moby: remove, merged into linuxkit in 2018
2020-02-05 01:09:15 +01:00
Silvan Mosberger
c4e912ac79
Merge pull request #79243 from Infinisil/remove-hostresolvconf
...
nixos/resolvconf: Remove useHostResolvConf option
2020-02-05 00:53:53 +01:00
Will Dietz
3e83806771
moby: remove, merged into linuxkit in 2018
...
Don't alias linuxkit, as linuxkit is not a drop-in replacement.
Instead, throw with an explanation.
(thanks reviewers!)
2020-02-04 17:51:03 -06:00
Jan Tojnar
f40a8a09fb
Merge pull request #78913 from jtojnar/cus-fixes
...
common-updater-scripts: Support SRI-style hash
2020-02-05 00:47:35 +01:00
R. RyanTM
25f50a9197
yubico-piv-tool: 1.7.0 -> 2.0.0
2020-02-04 23:44:36 +00:00
Florian Klink
b8a8fd0fd5
Merge pull request #79165 from sikmir/xournalpp
...
xournalpp: 1.0.16 -> 1.0.17
2020-02-05 00:38:55 +01:00
Silvan Mosberger
97ff64e351
nixos/resolvconf: Remove useHostResolvConf option
...
Never had any effect
2020-02-05 00:28:32 +01:00
Silvan Mosberger
b4cc413928
Merge pull request #77594 from Frostman/fix-grub-extrafiles-mirroredboots
...
Fix boot.loader.grub.extraFiles when used with mirroredBoots
2020-02-05 00:22:35 +01:00
Florian Klink
b27f806da8
Merge pull request #79173 from chkno/nerd-fonts
...
nerdfonts: 2.0.0 -> 2.1.0
2020-02-05 00:17:39 +01:00
markuskowa
8148b20300
Merge pull request #79238 from markuskowa/upd-snapper
...
snapper: 0.8.8 -> 0.8.9
2020-02-04 23:53:18 +01:00
Damien Bihel
9f64b84739
ber_metaocaml: fix install order.
...
Indeed, all standard modules with compiler-libs are not included (
eg. Optcompile).
closes #77680
2020-02-04 16:06:24 -06:00
Florian Klink
eb09e82120
Merge pull request #79162 from misuzu/systemd-sleep-config
...
nixos/systemd: add `systemd.sleep.extraConfig` config option
2020-02-04 23:02:53 +01:00
Markus Kowalewski
b8fb5ddaf6
snapper: 0.8.8 -> 0.8.9
2020-02-04 22:52:34 +01:00
Maximilian Bosch
89d13541e5
mautrix-telegram: 0.7.0 -> 0.7.1
...
https://github.com/tulir/mautrix-telegram/releases/tag/v0.7.1
2020-02-04 22:28:15 +01:00
Maximilian Bosch
f28acbdd33
Merge pull request #79221 from Ma27/bump-oracle-sqldeveloper
...
sqldeveloper: {17.4.1.054.0712,18.2.0.183.1748} -> 19.4.0.354.1759
2020-02-04 22:25:44 +01:00
Profpatsch
84630a1d90
Merge pull request #68469 from uri-canva/bazel-deps
...
bazel-deps: remove
2020-02-04 21:14:44 +01:00
Ben Darwin
00cd1d0f21
ocamlPackages.parmap: init at 1.1
2020-02-04 17:49:45 +01:00
Michael Raskin
5660c077df
lispPackages.cl-store: fix build
2020-02-04 17:22:12 +01:00
Lancelot SIX
fb37b20d4d
Merge pull request #79093 from bdesham/wee-slack-2.4.0
...
weechatScripts.wee-slack: 2.3.0 -> 2.4.0
2020-02-04 17:01:39 +01:00
Michael Raskin
1f0b4b19aa
sbcl: reinstate 2.0.0; add sbcl_2_0_1 for 2.0.1
...
2.0.1 is too fresh for current Quicklisp (for example, CFFI fails)
2020-02-04 17:06:54 +01:00
worldofpeace
49fb456ece
Merge pull request #75885 from voanhduy1512/add_asus_wmi_sensors
...
asus-wmi-sensors: init at 0.0.1
2020-02-04 10:53:37 -05:00
Alyssa Ross
95de02942f
Revert "mailman-wrapper: crazy hack to work around the missing urllib3 dependency"
...
This reverts commit ce6b2419be
, which
was unnecessary (mailman worked just fine on its parent commit).
See #79222 .
2020-02-04 15:40:37 +00:00
Tim Steinbach
3931b82775
oh-my-zsh: 2020-01-31 -> 2020-02-04
2020-02-04 09:44:47 -05:00
Jörg Thalheim
6cfc7e9bd2
Merge pull request #78448 from snicket2100/irqbalance-systemd
...
irqbalance: systemd service config aligned with upstream
2020-02-04 14:21:04 +00:00
Jörg Thalheim
c24a2d3e32
nixos/irqbalance: re-add multi-user.target
...
otherwise the service is never started by us.
2020-02-04 14:20:12 +00:00
Michael Weiss
a95cfefa55
Merge pull request #79223 from primeos/pijul-fix
...
pijul: Fix the build (broke due to a more recent Rust version)
2020-02-04 14:52:58 +01:00
Michael Weiss
eacc771f72
gitRepo: Switch to Python 3
2020-02-04 14:45:57 +01:00
Michael Weiss
7d4b5a2154
gitRepo: 1.13.8 -> 1.13.9.1
2020-02-04 14:45:57 +01:00
Peter Simons
ce6b2419be
mailman-wrapper: crazy hack to work around the missing urllib3 dependency
...
Please remove the explicit urllib3 dependency from this expression again once
https://github.com/NixOS/nixpkgs/issues/79222 is fixed.
2020-02-04 14:43:56 +01:00
Peter Simons
5717f312a4
mailman-web: add myself as a maintainer
2020-02-04 14:43:46 +01:00
Will Dietz
e2867af1b2
Merge pull request #77050 from r-ryantm/auto-update/editline
...
editline: 1.16.1 -> 1.17.0
2020-02-04 07:25:26 -06:00
Michael Weiss
6fd230f144
signal-desktop: 1.30.0 -> 1.30.1
...
Changelog: https://github.com/signalapp/Signal-Desktop/releases/tag/v1.30.1
2020-02-04 14:16:18 +01:00
Michael Weiss
0de211d08d
Merge pull request #79212 from primeos/cleanup
...
dmenu2, tdesktopPackages: Remove the deprecation messages
2020-02-04 14:06:48 +01:00
Michael Weiss
434ff94e73
pijul: Fix the build (broke due to a more recent Rust version)
...
This uses an upstream patch [0] to fix a compatibility error with a new
version of Rust. Fix #79150 .
Unfortunately patching Rust dependencies in Nixpkgs turned out to be way
more hacky than I expected (maybe there is a nicer way?), but it should
be fine for now.
A new release might follow soonish [1] so that we can drop the patches.
References:
- https://nest.pijul.com/pijul_org/pijul/discussions/401
- https://nest.pijul.com/pijul_org/thrussh/discussions/31
[0]: https://nest.pijul.com/pijul_org/thrussh:master/patches/AsyuWkJg4jAwNaG3H1yv1kbECx5E3GQAtjzXWBDB8yEGMswyfKbxKvYmAGWCohTVaTipdvF8mHh63yU5PTr5F9py
[1]: https://discourse.pijul.org/t/is-this-project-still-active-yes-it-is/451
2020-02-04 14:05:02 +01:00
Aaron Andersen
0285cbcbe2
Merge pull request #79159 from jojosch/mytop-clear
...
mariadb: mytop add "clear" to PATH
2020-02-04 08:00:55 -05:00
Maximilian Bosch
294f667121
sqldeveloper: {17.4.1.054.0712,18.2.0.183.1748} -> 19.4.0.354.1759
...
There are no new releases of sqldeveloper v17/v18 and I don't think that
we should keep obviously unmaintained software that interacts with
database systems.
I removed `sqldeveloper_18` and `pkgs.sqldeveloper` now points to
version 19.4. Unfortunately I had to drop darwin support as JavaFX is
required for 19.4 which is part of the `oraclejdk` which isn't packaged
for darwin yet.
For further information please refer to the release notes:
https://www.oracle.com/technetwork/developer-tools/sql-developer/downloads/sqldev-relnotes-194-5908846.html
2020-02-04 13:51:52 +01:00
Maximilian Bosch
9edc77f3e2
Merge pull request #79217 from mmahut/dat
...
dat: move from all-packages to aliases
2020-02-04 13:43:32 +01:00
Marek Mahut
65a1a68614
dat: move from all-packages to aliases
2020-02-04 12:52:54 +01:00
Michael Weiss
0d1eeb7dbb
dmenu2, tdesktopPackages: Remove the deprecation messages
...
These aren't required anymore by now :)
2020-02-04 12:32:50 +01:00
Jörg Thalheim
4d676594ac
radare2-cutter: 1.9.0 -> 1.10.1
2020-02-04 11:31:06 +00:00
Jörg Thalheim
0bb7b8a72d
radare2: 4.0.0 -> 4.2.0
2020-02-04 11:31:04 +00:00
Maximilian Bosch
f32e921ca9
Merge pull request #79206 from Frostman/hugo-0.64.0
...
hugo: 0.63.2 -> 0.64.0
2020-02-04 11:53:41 +01:00
Michele Guerini Rocco
96358710f7
qutebrowser: 1.9.0 -> 1.10.0 ( #79172 )
2020-02-04 11:24:07 +01:00
Sergey Lukjanov
8447c84d48
hugo: 0.63.2 -> 0.64.0
2020-02-04 01:49:01 -08:00
Mario Rodas
bb769908f9
Merge pull request #79103 from marsam/init-pueue
...
pueue: init at 0.1.4
2020-02-04 04:04:36 -05:00
Vincent Laporte
21b4edc6a0
ocamlPackages.lwt4: 4.4.0 → 4.5.0
2020-02-04 09:48:28 +01:00
Mario Rodas
7596dfeb9a
Merge pull request #79201 from marsam/update-syncthing
...
syncthing: 1.3.3 -> 1.3.4
2020-02-04 03:19:48 -05:00
Mario Rodas
3267ed0853
Merge pull request #79200 from marsam/update-flexget
...
flexget: 3.1.13 -> 3.1.18
2020-02-04 03:14:59 -05:00